Lucene search
+L

7 matches found

nvd
nvd
added 2026/07/06 10:16 p.m.8 views

CVE-2026-59710

showdown contains a stored cross-site scripting vulnerability in the parseHeaders function of src/subParsers/makehtml/tables.js that fails to properly escape table header ID attributes. Attackers can inject arbitrary HTML and script-executing SVG elements through double-quote characters in markdo...

6.1CVSS0.00198EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/07/06 9:15 p.m.3 views

CVE-2026-59710

showdown contains a stored cross-site scripting vulnerability in the parseHeaders function of src/subParsers/makehtml/tables.js that fails to properly escape table header ID attributes. Attackers can inject arbitrary HTML and script-executing SVG elements through double-quote characters in markdo...

6.1CVSS5.9AI score0.00198EPSS
Exploits0References5
cvelist
cvelist
added 2026/07/06 9:15 p.m.33 views

CVE-2026-59710 showdown - Stored XSS via Unescaped Table Header ID Attribute Injection

showdown contains a stored cross-site scripting vulnerability in the parseHeaders function of src/subParsers/makehtml/tables.js that fails to properly escape table header ID attributes. Attackers can inject arbitrary HTML and script-executing SVG elements through double-quote characters in markdo...

6.1CVSS0.00198EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.12 views

PT-2026-56029

Name of the Vulnerable Software and Affected Versions showdown affected versions not specified Description A stored cross-site scripting issue exists in the parseHeaders function within src/subParsers/makehtml/tables.js. The software fails to properly escape table header ID attributes, allowing...

6.1CVSS5.9AI score0.00198EPSS
Exploits0References6
snyk
snyk
added 2026/04/24 8:43 p.m.8 views

Cross-site Scripting (XSS)

Overview wlc is an A command-line utility for Weblate, translation tool with tight version control integration Affected versions of this package are vulnerable to Cross-site Scripting XSS through the HTML output rendering paths in the output formatter. An attacker can inject arbitrary markup or...

5.1CVSS5.3AI score0.00174EPSS
Exploits0References2
attackerkb
attackerkb
added 2010/05/20 5:30 p.m.1 views

CVE-2010-1998

Cross-site scripting XSS vulnerability in the CCK TableField module 6.x before 6.x-1.2 for Drupal allows remote authenticated users, with certain node creation or editing privileges, to inject arbitrary web script or HTML via table headers...

2.1CVSS5.7AI score0.01014EPSS
Exploits0References8
prion
prion
added 2010/05/20 5:30 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the CCK TableField module 6.x before 6.x-1.2 for Drupal allows remote authenticated users, with certain node creation or editing privileges, to inject arbitrary web script or HTML via table headers...

2.1CVSS5.8AI score0.01014EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder